Install the latest version of the Metasploit 4 Framework (MSF4) on Ubuntu 11.04 Natty Narwhal using the following commands. This downloads and installs the generic Linux binary which comes bundled with all the necessary components you need for Metasploit to install and run. This should work for most users and is the easiest way to get Metasploit Framework running under Ubuntu and other Debian based Linux distros quickly.
I’m a huge fan of the Nessus vulnerability scanner. It’s got plug-ins for anything you could ask for, runs great in a Linux environment, and outputs a ton of information (thanks to thousands and thousands of checks). While all that information is a good thing, sometimes you are just looking for specific issues or findings across a network. A quick way I like to strip out interesting information is grepping through the output files for certain Nessus ID’s. Here is a quick list of interesting plug-ins:
- 16314 – Lists suspicious and unwanted software.
- 36217 – Detection of the Conficker worm.
- 23938 – Locates Cisco routers with missing / default passwords.
- 38153 – A nice summary of missing Microsoft patches.
- 11936 – Identification details about the machines OS.
- 10673 – Locates SQL servers with default / blank SA accounts.
- 10396 – Details about SMB shares.
- 23910 – Locates modified HOSTS files – can be an indication of a virus or malware.
To search for these, I usually do a quick grep nessus-id *.nbe and then use cut with custom delimiters to filter out the IP addresses and other pertinent information.